Operating System Fingerprint Recognition Using ICMP
The operating system fingerprint is a factor that can help determine a target operating system and version through network scanning. There are two methods of discrimination: Internet Control Message (ICMP) and Transmission Control Protocol (TCP). In this study, we analyzed whether it is possible to categorize the operating system version (e.g., Windows 7, 8.1, 10) in a manner that the operating system can be determined using ICMP. Using ICMP, we could successfully classify the operating systems into Windows and Linux.
KeywordsICMP Operating system OS fingerprint Nmap Wireshark Network packets
This research was supported by the Ministry of Science and ICT (MSIT), Korea, under the Information Technology Research Center (ITRC) support program (IITP-2018-2016-0-00304) supervised by the Institute for Information & Communications Technology Promotion (IITP).
- 1.Humer, S., Murphy, A.: OS fingerprinting techniques and tools, cryptography and network security. Keene State College, CS-455 (2013)Google Scholar
- 2.Bellovin, S.M., Leech, M., Taylor, T: ICMP traceback messages (2003)Google Scholar
- 3.Lamping, U., Sharpe, R., Warnicke, E.: Wireshark User’s Guide for Wireshark 2.1 (2014)Google Scholar